As reports of malware attacks and hacker-driven data breaches have become commonplace, the need for robust testing solutions in the cybersecurity realm has never been greater. Large enterprises and telecommunications carriers have experienced an expanding volume of encrypted traffic, while the deployment of application-aware systems has created networks that are more distributed and intelligent at the application level. Enterprise IT resources, moreover, have been strained by the rapid growth of cloud computing, IoT and a hyper-connected digital economy.
Validating the efficacy of security controls in this brave new landscape requires the emulation of hyper-realistic network traffic that simulates both legitimate and hacker behaviors. The CF400 appliance is a new platform for cybersecurity testing from Spirent Communications. Not surprisingly, the platform allows users to test the performance limits of network devices, web applications and media services, ensuring Quality of Service (QoS) and Quality of Experience (QoE) for their customers. But taking a closer look is where things really get interesting.
The CF400 is designed to work with Spirent’s web-based testing tool, CyberFlood, which generates traffic scenarios to test the performance and scalability of application-aware network infrastructures. In fact, CyberFlood employs a database of tens of thousands of application, attack and malware scenarios, with updates delivered via an optional TestCloud subscription. Realistic hacker behavior with evasion techniques can be added; attacks can be encrypted to push security solutions to their limits. Malware testing is supported by infected host emulation, and custom tests can also be created for unique protocols, traffic flows and applications — all without scripting.
The platform also runs Spirent’s Avalanche software, which supports the configuration of realistic user behaviors to provide testing that accurately reflects a company’s network usage patterns. Multiple browser types can be emulated, and user behavior such as think times and HTTP aborts (also known as “clickaways”) can be simulated.
According to the company, the CF400 is the industry’s first network security and application delivery test platform to provide 400G of application traffic and 200G of encrypted traffic performance testing capabilities, including full HTTP/3 testing in a single appliance. In addition, its modular architecture provides the flexibility for stacking multiple appliances together in a single test system to validate the performance limits of multi-terabit-scale security controls, application delivery platforms and hyperscale data center networks.